{"id":2682,"date":"2012-12-12T21:15:07","date_gmt":"2012-12-12T20:15:07","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=2682"},"modified":"2019-12-31T12:01:30","modified_gmt":"2019-12-31T11:01:30","slug":"protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/","title":{"rendered":"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !"},"content":{"rendered":"<p>[Article r\u00e9dig\u00e9 en collaboration avec\u00a0<strong>Ahmed Sanhaji<\/strong>,<strong> consultan<\/strong>t]<\/p>\n<p><em>Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent\u00a0: condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.<\/em><\/p>\n<p>De ce fait, <strong>les organisations manipulant des donn\u00e9es personnelles ne doivent plus se demander si ce type d\u2019incident pourrait arriver, mais plut\u00f4t quand il va survenir et quels en seront les impacts<\/strong>.<\/p>\n<h2>La crise &#8220;donn\u00e9es personnelles&#8221; doit \u00eatre anticip\u00e9e et pr\u00e9par\u00e9e<\/h2>\n<p>Le r\u00e9cent \u00ab\u00a0<a href=\"http:\/\/www.lefigaro.fr\/hightech\/2012\/09\/24\/01007-20120924ARTFIG00668-des-messages-prives-publies-sur-les-profils-facebook.php\" target=\"_blank\" rel=\"noopener noreferrer\">bug Facebook\u00a0<\/a>\u00bb \u00a0l\u2019illustre bien, les impacts seront d\u2019autant plus importants aujourd\u2019hui que le grand public est attentif \u00e0 ces probl\u00e9matiques.<\/p>\n<p>Pour rappel, lors de l\u2019activation de la nouvelle page Timeline, certains utilisateurs se sont plaints de la publication de messages priv\u00e9s sur leur mur. Une faille a d\u2019abord \u00e9t\u00e9 soup\u00e7onn\u00e9e.. Apr\u00e8s enqu\u00eate de la CNIL, il s\u2019agit d\u2019anciennes publications de mur \u00e0 mur quela Timeline a fait ressortir. Quelle que soit la cause, la r\u00e9action d\u00e9mesur\u00e9e des utilisateurs \u00e0 la possible publication non ma\u00eetris\u00e9e de donn\u00e9es qu\u2019ils consid\u00e8rent comme priv\u00e9es montre bien la sensibilit\u00e9 quasi-\u00e9pidermique du public sur le sujet.<\/p>\n<p>Les multiples prises de position des utilisateurs, de la presse, ainsi que de la classe politique illustrent \u00e0 quel point cette probl\u00e9matique est devenue m\u00e9diatique. La ministre d\u00e9l\u00e9gu\u00e9e \u00e0 l\u2019\u00e9conomie num\u00e9rique, Fleur Pellerin, a conseill\u00e9 h\u00e2tivement de porter plainte si la faille \u00e9tait av\u00e9r\u00e9e. De son c\u00f4t\u00e9 la CNIL, consid\u00e9rant que la confusion des utilisateurs est sans doute li\u00e9e aux changements unilat\u00e9raux et r\u00e9currents des param\u00e8tres de vie priv\u00e9e en 2009 et2010, a demand\u00e9 \u00e0 Facebook de lui transmettre les mesures que l\u2019entreprise am\u00e9ricaine comptait mettre en \u0153uvre afin de respecter ses recommandations.<\/p>\n<p>Facebook s\u2019est bien entendu d\u00e9fendu de toute \u00ab\u00a0atteinte \u00e0 la vie priv\u00e9e\u00a0\u00bb, expliquant avant la CNIL l\u2019origine de la confusion. La rapidit\u00e9 de la prise de parole n\u2019a cependant pas emp\u00each\u00e9 que l\u2019image du site et la confiance de certains utilisateurs ne soient \u00e9corn\u00e9es.<\/p>\n<p>Cet exemple a permis de mettre en lumi\u00e8re que <strong>l\u2019incident de confidentialit\u00e9 (fuite, mauvais traitements) de donn\u00e9es personnelles est devenu un type de crise \u00e0 traiter par les organisations<\/strong>. Elles doivent d\u00e8s lors amender leurs dispositifs de gestion de crise afin d\u2019y int\u00e9grer les dispositions propres \u00e0 ce type de sujet (processus de d\u00e9tection et de qualification sp\u00e9cifique, experts juridique mobilisables, \u2026). En particulier, au regard de la nouvelle, et forte sensibilit\u00e9 du public, <strong>une attention toute particuli\u00e8re devra \u00eatre port\u00e9e \u00e0 la ma\u00eetrise de la communication de crise<\/strong>. Le \u00ab\u00a0bug Facebook\u00a0\u00bb l\u2019a montr\u00e9, la crise peut davantage \u00eatre li\u00e9e \u00e0 la communication autour de l\u2019\u00e9v\u00e8nement qu&#8217;\u00e0 la faille en elle-m\u00eame.<\/p>\n<p>Il reviendra alors au <a href=\"http:\/\/www.cnil.fr\/la-cnil\/missions\/informer-conseiller\/correspondants\" target=\"_blank\" rel=\"noopener noreferrer\">Correspondant Informatique et Libert\u00e9s<\/a> de mobiliser les diff\u00e9rents acteurs concern\u00e9s (responsable du processus de crise, d\u00e9partement relation client, service juridique, experts s\u00e9curit\u00e9) au sein de groupes de travail afin de d\u00e9finir les processus et dispositifs \u00e0 mettre en place le jour \u00ab\u00a0J\u00a0\u00bb (moyens d\u2019alertes, plan de communication, \u2026).<\/p>\n<p>Le projet de <a href=\"http:\/\/ec.europa.eu\/justice\/data-protection\/document\/review2012\/com_2012_11_fr.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">r\u00e8glement europ\u00e9en relatif<\/a>\u00a0 \u00e0 la protection des donn\u00e9es personnelles rendra d\u2019ailleurs ces aspects d\u2019autant plus essentiels,\u00a0l\u2019obligation de notification de toute fuite de donn\u00e9es personnelles devant se traiter au sein d\u2019un dispositif ad-hoc impliquant l\u2019entreprise mais aussi des acteurs externes, afin d\u2019\u00e9viter que la crise prenne une ampleur pr\u00e9judiciable pour les personnes concern\u00e9es et l\u2019entreprise.<\/p>\n<h2>Seule une analyse de risques permettra d\u2019anticiper au mieux la crise<\/h2>\n<p>Pour anticiper et traiter au mieux ces crises, l\u2019organisme devra se poser la question des risques aff\u00e9rents \u00e0 la manipulation des donn\u00e9es personnelles, et construire des plans d\u2019actions proportionnels aux impacts anticip\u00e9s.<\/p>\n<p>Cette d\u00e9marche, en ligne avec les exigences de la loi informatique et libert\u00e9s (cf. article 34\u00a0: <em>Le responsable du traitement est tenu de prendre toutes pr\u00e9cautions utiles, au regard de la nature des donn\u00e9es et <span style=\"text-decoration: underline;\">des risques pr\u00e9sent\u00e9s<\/span> par le traitement<\/em>) et certainement du futur r\u00e8glement europ\u00e9en, pourra \u00eatre men\u00e9e \u00e0 l\u2019aide des m\u00e9thodes classiques d\u2019analyse de risques bien connues des Responsable de la S\u00e9curit\u00e9 des SI (les guides \u00ab\u00a0G\u00e9rer les risques\u00a0\u00bb et \u00ab\u00a0Mesures pour traiter les risques\u00a0\u00bb publi\u00e9s par la CNIL pourront \u00e9galement \u00eatre utilis\u00e9s).<\/p>\n<p>L\u2019enjeu vis-\u00e0-vis de ces donn\u00e9es personnelles ne sera donc plus uniquement de se conformer aux exigences de la loi mais bien <strong>d\u2019identifier les risques potentiels et les crises probables<\/strong>. Il reviendra alors \u00e0 l\u2019organisme de traiter en priorit\u00e9 les traitements comportant le plus de risques, notamment ceux pouvant la mettre en p\u00e9ril en cas de fuite de donn\u00e9es personnelles.<\/p>\n<div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>[Article r\u00e9dig\u00e9 en collaboration avec\u00a0Ahmed Sanhaji, consultant] Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent\u00a0:&#8230;<\/p>\n","protected":false},"author":16,"featured_media":2638,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[36,3226,32,35],"tags":[410,3299,1240,81],"coauthors":[804,914],"class_list":["post-2682","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-digital-compliance","category-marketing-relation-client","category-strategie-projets-it","tag-cnil","tag-digital-privacy","tag-fuite-de-donnees","tag-protection-des-donnees"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !<\/title>\n<meta name=\"description\" content=\"Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent : condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !\" \/>\n<meta property=\"og:description\" content=\"Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent : condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2012-12-12T20:15:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-31T11:01:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"832\" \/>\n\t<meta property=\"og:image:height\" content=\"577\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Rapha\u00ebl Brun, Ahmed Sanhaji\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rapha\u00ebl Brun, Ahmed Sanhaji\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\"},\"author\":{\"name\":\"Rapha\u00ebl Brun\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494\"},\"headline\":\"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !\",\"datePublished\":\"2012-12-12T20:15:07+00:00\",\"dateModified\":\"2019-12-31T11:01:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\"},\"wordCount\":894,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg\",\"keywords\":[\"CNIL\",\"Digital privacy\",\"fuite de donn\u00e9es\",\"protection des donn\u00e9es\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Digital Compliance\",\"M\u00e9tiers - Marketing et relation client\",\"M\u00e9tiers - Strat\u00e9gie &amp; projets IT\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\",\"name\":\"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg\",\"datePublished\":\"2012-12-12T20:15:07+00:00\",\"dateModified\":\"2019-12-31T11:01:30+00:00\",\"description\":\"Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent : condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg\",\"width\":832,\"height\":577},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494\",\"name\":\"Rapha\u00ebl Brun\",\"description\":\"Rapha\u00ebl BRUN is a Senior Manager at Wavestone within the Cybersecurity and Digital Trust practice. He graduated from the University of Technology of Troyes in France in 2008. He has expertise in crisis management, business continuity management and cybersecurity governance, developed over 10 years of experience. Raphael is also a seasoned speaker about data privacy: he addresses this topic on a regular basis on Insurance Speaker or Risk Insight.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/raphael-brun\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !","description":"Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent : condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/","og_locale":"en_US","og_type":"article","og_title":"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !","og_description":"Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent : condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/","og_site_name":"RiskInsight","article_published_time":"2012-12-12T20:15:07+00:00","article_modified_time":"2019-12-31T11:01:30+00:00","og_image":[{"width":832,"height":577,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg","type":"image\/jpeg"}],"author":"Rapha\u00ebl Brun, Ahmed Sanhaji","twitter_misc":{"Written by":"Rapha\u00ebl Brun, Ahmed Sanhaji","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/"},"author":{"name":"Rapha\u00ebl Brun","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494"},"headline":"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !","datePublished":"2012-12-12T20:15:07+00:00","dateModified":"2019-12-31T11:01:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/"},"wordCount":894,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg","keywords":["CNIL","Digital privacy","fuite de donn\u00e9es","protection des donn\u00e9es"],"articleSection":["Cybersecurity &amp; Digital Trust","Digital Compliance","M\u00e9tiers - Marketing et relation client","M\u00e9tiers - Strat\u00e9gie &amp; projets IT"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/","name":"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg","datePublished":"2012-12-12T20:15:07+00:00","dateModified":"2019-12-31T11:01:30+00:00","description":"Toutes les organisations sont aujourd\u2019hui susceptibles d\u2019\u00eatre concern\u00e9es pas des failles, voire des attaques, li\u00e9es aux donn\u00e9es \u00e0 caract\u00e8re personnel qu\u2019elles manipulent. Les multiples exemples relay\u00e9s ces derni\u00e8res ann\u00e9es par les m\u00e9dias l\u2019illustrent : condamnation de la CNIL, failles r\u00e9v\u00e9l\u00e9es dans le SI, plaintes d\u2019utilisateurs,\u2026 M\u00eame si une application scrupuleuse de la loi participe \u00e0 la diminution du risque, elle ne peut garantir l\u2019absence d\u2019incident.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/11\/Fotolia_44190609_S.jpg","width":832,"height":577},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/12\/protection-des-donnees-personnelles-la-conformite-a-la-loi-ne-suffit-plus\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Protection des donn\u00e9es personnelles : la conformit\u00e9 \u00e0 la loi ne suffit plus !"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494","name":"Rapha\u00ebl Brun","description":"Rapha\u00ebl BRUN is a Senior Manager at Wavestone within the Cybersecurity and Digital Trust practice. He graduated from the University of Technology of Troyes in France in 2008. He has expertise in crisis management, business continuity management and cybersecurity governance, developed over 10 years of experience. Raphael is also a seasoned speaker about data privacy: he addresses this topic on a regular basis on Insurance Speaker or Risk Insight.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/raphael-brun\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/2682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=2682"}],"version-history":[{"count":15,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/2682\/revisions"}],"predecessor-version":[{"id":12462,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/2682\/revisions\/12462"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/2638"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=2682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=2682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=2682"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=2682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}